<?php

// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : misc.php                                          
// #   other features of MySmartBB: statistics,, online page,
// #   announcemets, reports, pages, groups page, forget password,
// #   member activation, sending email, verify change password, 
// #   section password, ads.                         
// #                                                                  
// ##############################################################################||

// ** General definitions **

     define('NOT_IN_INDEX',0);
     include('common.php');

// ** statistics **

     if ($_GET['static'] == 1)
     {
         $SF->html_title_page('إحصائيات المنتدى - (Powered By MySmartBB Universal)');

         $getdate_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id='1'");
         $getdate_row   = $DB->sql_fetch_array($getdate_query);

         $age           = strtotime('now') - strtotime($getdate_row['register_date']);
         $age_show      = ceil ($age / (60*60*24));
         $create_date   = $SF->DateFormatDo($getdate_row['register_date']);

         $member_number            = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "member"));
         $subject_number           = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1'"));
         $reply_number             = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE delete_topic<>'1'"));
         $activemember_number      = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE posts<>'0'"));
         $section_number           = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE main_section<>'1'"));

         $topmember_query          = $DB->sql_query("SELECT * FROM " . $db_prefix . "member ORDER BY posts DESC LIMIT 0,10");

         $topmember_row = array();
         while ($topmember_row2 = $DB->sql_fetch_array($topmember_query))
         {
             $topmember_row[] = $topmember_row2;
             $Smarty->assign('topmember_row',$topmember_row);
         }

         $toprsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1' AND sec_subject<>'1' ORDER BY reply_number DESC LIMIT 0,10");

         $toprsubject_row = array();
         while ($toprsubject_row2 = $DB->sql_fetch_array($toprsubject_query))
         {
             $toprsubject_row[] = $toprsubject_row2;
             $Smarty->assign('toprsubject_row',$toprsubject_row);
         }

         $topvsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1' AND sec_subject<>'1' ORDER BY visitor DESC LIMIT 0,10");

         $topvsubject_row = array();
         while ($topvsubject_row2 = $DB->sql_fetch_array($topvsubject_query))
         {
             $topvsubject_row[] = $topvsubject_row2;
             $Smarty->assign('topvsubject_row',$topvsubject_row);
         }

         $getnewestsubject_query   = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1' AND sec_subject<>'1' ORDER BY id DESC LIMIT 0,1");
         $getnewestsubject_row     = $DB->sql_fetch_array($getnewestsubject_query);

         $getmreplysubject_query   = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1' AND sec_subject<>'1' ORDER BY reply_number DESC LIMIT 0,1");
         $getmreplysubject_row     = $DB->sql_fetch_array($getmreplysubject_query);

         $getmvisitorsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE delete_topic<>'1' AND sec_subject<>'1' ORDER BY visitor DESC LIMIT 0,1");
         $getmvisitorsubject_row   = $DB->sql_fetch_array($getmvisitorsubject_query);

         $Smarty->assign('member_number',$member_number);
         $Smarty->assign('subject_number',$subject_number);
         $Smarty->assign('reply_number',$reply_number);
         $Smarty->assign('createdate',$create_date);
         $Smarty->assign('age_show',$age_show);
         $Smarty->assign('activemember_number',$activemember_number);
         $Smarty->assign('section_number',$section_number);
         $Smarty->assign('newestwriter',$getnewestsubject_row['writer']);
         $Smarty->assign('mreply',$getmreplysubject_row['writer']);
         $Smarty->assign('mvisitor',$getmvisitorsubject_row['writer']);

         $Smarty->assign('path_bar','إحصائيات المنتدى');
         $Smarty->display('path-bar.tpl');
         $Smarty->display('static.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** Profiles **

     elseif ($_GET['profile'] == 1)
     {
         if (!empty($_GET['id']))
         {
             $id = intval($_GET['id']);
             $profile_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id='$id'");
         }
         elseif (!empty($_GET['username']))
         {
             $username       = $SF->SafeSQL($_GET['username']);
             $profile_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $username . "'");
             $username1 = $username ;
         }
		 
		$SF->html_title_page('عرض هوية ' . $profile_row['username'] . ' - (Powered By MySmartBB Universal)');

         $sep_query = $DB->sql_query("SELECT separate_allow FROM ".$db_prefix."info");
         $separate_array = $DB->sql_fetch_array($sep_query);
         $separate_allow = $separate_array[separate_allow];
         $Smarty->assign('separate_allow',$separate_allow);

         $profile_num   = $DB->sql_num_rows($profile_query);
         if ($profile_num == 0)
         {
             $SF->error('<br />المعذرة، العضو المطلوب غير موجود في سجلاتنا');
         }

         $profile_row   = $DB->sql_fetch_array($profile_query);

         $username1 =$profile_row[username];
         $rep = $DB->sql_query("SELECT * FROM ".$db_prefix."reply WHERE writer='" . $username1 . "'");
         $rep_num = $DB->sql_num_rows($rep);
         $Smarty->assign('rep_num',$rep_num);
         $auth = $DB->sql_query("SELECT * FROM ".$db_prefix."subject WHERE writer='" . $username1 . "'");
         $auth_num = $DB->sql_num_rows($auth);
         $Smarty->assign('auth_num',$auth_num);

         $online_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username='" . $SF->SafeSQL($profile_row['username']) . "'");

         $online_num    = $DB->sql_num_rows($online_query);
         $online_row    = $DB->sql_fetch_array($online_query);

         

         if ($profile_row['user_gender'] == 'm')
         {
             $Smarty->assign('gender','ذكر');
         }
         elseif ($profile_row['user_gender'] == 'f')
         {
             $Smarty->assign('gender','أنثى');
         }

         $lastsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE writer='" . $SF->SafeSQL($profile_row['username']) . "' AND delete_topic<>'1' ORDER BY id DESC LIMIT 0,1");
         $lastsubject_num   = $DB->sql_num_rows($lastsubject_query);
         $lastsubject_row   = $DB->sql_fetch_array($lastsubject_query);
         $last_title        = $SF->SafeOutPuts($lastsubject_row['title']);

         if ($lastsubject_row['sec_subject'] !=  1){
             $last_subject  = "<a href='show.php?main=1&amp;id=$lastsubject_row[id]'>$last_title</a>";
         }
         else
         {
             $last_subject  = "(موضوع خاص)";
         }

         if ($lastsubject_num == 0)
         {
             $Smarty->assign('last_subject','لا توجد للعضو مواضيع');
         }
         elseif ($lastsubject_num != 0)
         {
             $Smarty->assign('last_subject',$last_subject);
         }

         $lastreply_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE writer='" . $SF->SafeSQL($profile_row['username']) . "' AND delete_topic<>'1' ORDER BY id DESC LIMIT 0,1");
         $lastreply_num    = $DB->sql_num_rows($lastreply_query);
         $lastreply_row    = $DB->sql_fetch_array($lastreply_query);

         if ($lastreply_num == 0)
         {
             $Smarty->assign('last_reply','لا توجد للعضو ردود');
         }
         elseif ($lastreply_num != 0)
         {
             $getpagenum = $DB->sql_query("SELECT COUNT(*) AS posts, " . $db_prefix . "subject.title AS title, " . $db_prefix . "subject.sec_subject AS sec_subject, " . $db_prefix . "subject.reply_number AS reply_number
                                           FROM " . $db_prefix . "reply, " . $db_prefix . "subject
                                           WHERE " . $db_prefix . "reply.subject_id = '" . $lastreply_row['subject_id'] . "' AND " . $db_prefix . "reply.delete_topic <> '1' AND " . $db_prefix . "reply.writer = '" . $SF->SafeSQL($profile_row['username']) . "' AND " . $db_prefix . "subject.id = '" . $lastreply_row['subject_id'] . "'
                                           GROUP BY " . $db_prefix . "reply.writer");

             $getpagenum_row    = $DB->sql_fetch_array($getpagenum);
             if ($lastreply_num == 0)
             {
                 $page_num = 1;
                 $start = 0;
             }
             else
             {
                 $page_num = ceil($getpagenum_row['reply_number'] / $info_row['subject_perpage']);
                 $start = $info_row['subject_perpage'] * ($page_num - 1);
             }
             $last_title = htmlspecialchars($getpagenum_row['title']);

             if ($getpagenum_row['sec_subject'] !=  1)
             {
                 $last_reply = "<a href='show.php?main=1&amp;id=$lastreply_row[subject_id]&amp;page=$page_num#$lastreply_row[id]'>" . $getpagenum_row['title'] . "</a>";
             }
             else
             {
                 $last_reply = "(موضوع خاص)";
             }

             $Smarty->assign('last_reply',$last_reply);
         }

         $register_date = $SF->DateFormatDo($profile_row['register_date']);

         $user_sig = $profile_row['user_sig'];
         $user_sig = $SF->SafeOutPuts($user_sig);
         $user_sig = str_replace('>', '&gt;', $user_sig);
         $user_sig = str_replace('<', '&lt;', $user_sig);

         $user_sig = $SF->SmartCode_replace($user_sig);
         $user_sig = $SF->SmilesReplace($user_sig);

         if (strstr($profile_row['user_time'],'+'))
		 {
			$profileuser_time = $Hgmttime+str_replace("+","",$profile_row['user_time']);
			$profileuser_time = $profileuser_time.$Sgmttime;
		 }
		 else
		 {
			$profileuser_time = $Hgmttime-str_replace("-","",$profile_row['user_time']);
			$profileuser_time = $profileuser_time.$Sgmttime;
		 }

         $progroup_query     = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $profile_row['usergroup'] . "'");
         $progroup_row       = $DB->sql_fetch_array($progroup_query);

         if ($progroup_row['view_usernamestyle'] == 1)
         {
             $profile_groupname  = $progroup_row['title'];
         }
         else
         {
             $profile_groupname = '';
         }
		 

#------------------------------------------------
		 $d  = date("j/n");
		 $Smarty->assign('d',$d);
#------------------------------------------------
		 $rec = $DB->sql_query("SELECT * FROM `" . $db_prefix . "member` WHERE bday ='$d'");
	
			 while($row = $DB->sql_fetch_array($rec))
				 {
					 $BD[] = $row;
					 $Smarty->assign('MBD', $BD);
				 }
#------------------------------------------------
	 
		 
         $profile_row['away_msg'] = str_replace('>', '&gt;',$profile_row['away_msg']);
         $profile_row['away_msg'] = $SF->SafeOutPuts($profile_row['away_msg']);
         $profile_row['away_msg'] = str_replace('<', '&lt;',$profile_row['away_msg']);
         $profile_row['away_msg'] = $SF->SmilesReplace($profile_row['away_msg']);
         $profile_row['away_msg'] = nl2br($profile_row['away_msg']);

         $Smarty->assign('away',$profile_row['away_msg']);
         $Smarty->assign('register_date',$register_date);
         $Smarty->assign('user_sig',$user_sig);
         $Smarty->assign('online_num',$online_num);
         $Smarty->assign('profileuser_time',$profileuser_time);
         $Smarty->assign('profile_groupname',$profile_groupname);

         $Smarty->assign_by_ref('online_row',$online_row);
         $Smarty->assign_by_ref('profile_row',$profile_row);
         $Smarty->assign_by_ref('member_row',$member_row);

         $Smarty->display('profile.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** reports **

     
     elseif ($_GET['report'] == 1 || $_GET['report'] == 2)
     {
		$SF->html_title_page('الابلاغ عن مشاركة مخالفه - (Powered By MySmartBB Universal)');
	 
		if ($member_permission != 1)
		{
			$SF->error('المعذرة , لايُمكنك استخدام هذه الميزة');

		}else
		
         if ($_SERVER['REQUEST_METHOD'] != 'POST')
         {
         	 $Smarty->assign('path_bar','التبليغ بمشاركة سيئة');
         	 $Smarty->display('path-bar.tpl');
             $SF->html('<br /><p align="center">قم بكتابة سبب الإبلاغ عن هذه المشاركة بوصفها مشاركة سيئة في الصندوق التالي:<form action="misc.php?report='. intval($_GET['report']) .'&id=' . intval($_GET['id']) . ($_GET['report'] == 2 ? '&page='. intval($_GET['page']) : '') .'" method="post"><br><textarea name="reason" rows="5" style="width: 230px"></textarea><br><br><input name="send" type="hidden" value="1"><input type="submit" value=" تبليغ "></form></p>');
         	 $SF->FastMove();
             $Smarty->display('footer.tpl');
         }
         else{
         {
             if (empty($_POST['send']))
             {
                 $SF->error('المعذرة، الطريقه المتبعة غير صحيحة');
             }

             if (empty($_GET['id']))
             {
                 $SF->error('الرابط المتبع خاطئ');
             }
			 
		     if (trim($_POST['reason']) == '')
             {
                 $SF->error('سبب التبليغ فارغ. يرجى العودة وتعبئة الحقل الخاص به');
             }

			if ($_GET['report'] == 1) {
				$postinfo_query = $DB->sql_query("SELECT id FROM " . $db_prefix . "subject WHERE id=" . intval($_GET['id']));
				$postinfo_num   = $DB->sql_num_rows($postinfo_query);
				$postid = $_GET['id'];
			} elseif ($_GET['report'] == 2) {
				$postinfo_query = $DB->sql_query("SELECT subject_id FROM " . $db_prefix . "reply WHERE id=" . intval($_GET['id']));
				$postinfo_fetch = $DB->sql_fetch_array($postinfo_query);
				$postinfo_num   = $DB->sql_num_rows($postinfo_query);
				$postid = $postinfo_fetch['subject_id'];
			}

             if ($postinfo_num == 0)
             {
                 $SF->error('المشاركة المطلوبة غير موجودة');
             }

             $msg_query       = $DB->sql_query("SELECT * FROM " . $db_prefix . "emailmsgs WHERE id='3'");
             $msg_row         = $DB->sql_fetch_array($msg_query);

             $url             = $url = 'http://".$_SERVER["HTTP_HOST"]."".$_SERVER["REQUEST_URI"]."';
			 
			if ($_GET['report'] == 1) {
				$url             = str_replace('misc.php?report=1&id=' . $postid,'',$url);
			} else {
				$url             = str_replace('misc.php?report=2&id=' . intval($_GET['id']) . '&page='. intval($_GET['page']),'',$url);
			}
			
             $url            .= 'show.php?main=1&id=' . $postid . ($_GET['report'] == 2 ? '&page='. intval($_GET['page']) .'#'. intval($_GET['id']) : '');
			 
             $text            = $msg_row['text'];
             $text            = str_replace('[MySBB]subject_url[/MySBB]',$url,$text);
			 $text            = str_replace('[MySBB]reason[/MySBB]',$_POST['reason'],$text);
			 $text            = str_replace('[MySBB]username[/MySBB]',$member_row['username'],$text);

            $mail = $SF->mail($info_row['admin_email'],$msg_row['title'],$text,$info_row['send_email']);
			$Smarty->assign('msgg','شكراً لك، سوف ننظر في الموضوع'); 
            $Smarty->assign('GO','show.php?main=1&id='.intval($postid));
 		 	$SF->go_to('show.php?main=1&id=' . intval($postid),1);                 
            $Smarty->display('loading.tpl');

            $Smarty->display('footer.tpl');
         }
		 }
     }


// ** Pages **

     elseif ($_GET['pages'] == 1)
     {
         if (empty($_GET['id']))
         {
             $SF->error('الرابط المتبع خاطئ');
         }

         $id = intval($_GET['id']);

         $getpage_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pages WHERE id='$id'");
         $getpage_num   = $DB->sql_num_rows($getpage_query);
         $getpage_row   = $DB->sql_fetch_array($getpage_query);

         if ($getpage_num <= 0)
         {
             $SF->html_title_page($info_row['title'].' - (Powered By MySmartBB Universal)');
             $SF->error('<br />الصفحة المطلوبة غير موجودة');
         }

         $Smarty->assign('path_bar','الصفحات الإضافية');
         $Smarty->display('path-bar.tpl');

         $SF->html_title_page($getpage_row['title'].' - (Powered By MySmartBB Universal)');
         $SF->msg('<h1><b>'.$getpage_row['title'].'</b></h1><br />');
         echo $getpage_row['html_code'];
         echo '<br />';
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** Groups Page **

     elseif ($_GET['team'] == 1)
     {
         $SF->html_title_page('المسؤولون عن المنتدى - (Powered By MySmartBB Universal)');
         $getmemberinfo_query = $DB->sql_query("SELECT " . $db_prefix . "member.* FROM " . $db_prefix . "member AS " . $db_prefix . "member
                                                LEFT JOIN " . $db_prefix . "group ON (" . $db_prefix . "member.usergroup = " . $db_prefix . "group.id)
                                                WHERE " . $db_prefix . "group.forum_team = 1
                                                ");

         $getmemberinfo_rows = array();
         while ($getmemberinfo_row = $DB->sql_fetch_array($getmemberinfo_query))
         {
             $getmemberinfo_rows[] = $getmemberinfo_row;
             $Smarty->assign('getmemberinfo_rows',$getmemberinfo_rows);
         }

         $Smarty->assign('path_bar','المسؤولون عن المنتدى');
         $Smarty->display('path-bar.tpl');
         $Smarty->display('admin-and-mod-list.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** Activation **

     elseif ($_GET['active'] == 1)
     {
		 $SF->html_title_page('تفعيل العضوية - (Powered By MySmartBB Universal)');
		 
         if ($member_permission != 1)
         {
             $SF->error('يجب عليك تسجيل الدخول اولاً');
         }

         $m = $SF->SafeSQL($_GET['m']);

         $getreq_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE active_number='" . $m . "' AND username='" . $SF->SafeSQL($member_row['username']) . "'");
         $getreq_num   = $DB->sql_num_rows($getreq_query);
         $getreq_row   = $DB->sql_fetch_array($getreq_query);

         if ($getreq_num <= 0)
         {
             $SF->error('الطلب غير موجود');
         }

         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET usergroup='" . $info_row['adef_group'] . "' WHERE id='" . $getreq_row['id'] . "'");
         $update = $DB->sql_query("DELETE FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND  username='" . $SF->SafeSQL($member_row['username']) . "'");
         if ($update)
         {
			$Smarty->assign('msgg','فُعِّلَت عضويتك بنجاح'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');

            $Smarty->display('footer.tpl');
         }
     }

// ** Verfiy Changing Email **

     elseif ($_GET['new_email'] == 1)
     {
		 $SF->html_title_page('تغير البريد الالكتروني - (Powered By MySmartBB Universal)');
         $m = $SF->SafeSQL($_GET['m']);
         $getreq_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND request_type='2' AND username='" . $SF->SafeSQL($member_row['username']) . "'");
         $getreq_row   = $DB->sql_fetch_array($getreq_query);

         if ($DB->sql_num_rows($getreq_query) <= 0)
         {
             $SF->error('المعذرة، هذا الطلب غير موجود');
         }

         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET email='" . $member_row['new_email'] . "' , new_email='' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET new_email='' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
         $update = $DB->sql_query("DELETE FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND  username='" . $SF->SafeSQL($member_row['username']) . "'");
         if ($update)
         {

			$Smarty->assign('msgg','غُيِّرَ البريد بنجاح'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');

            $Smarty->display('footer.tpl');
         }
     }

// ** Verify Changing Password **

     elseif ($_GET['new_password'] == 1)
     {
		 $SF->html_title_page('تغيير كلمة المرور - (Powered By MySmartBB Universal)');
         $m = $SF->SafeSQL($_GET['m']);
         $getreq_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND request_type='1' AND username='" . $SF->SafeSQL($member_row['username']) . "'");
         $getreq_row   = $DB->sql_fetch_array($getreq_query);

         if ($DB->sql_num_rows($getreq_query) <= 0)
         {
             $SF->error('المعذرة، هذا الطلب غير موجود');
         }

         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET password='" . $member_row['new_password'] . "' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET new_password='' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
         $update = $DB->sql_query("DELETE FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND  username='" . $SF->SafeSQL($member_row['username']) . "'");
         if ($update)
         {
			$Smarty->assign('msgg','غُيِّرَت كلمة المرور بنجاح'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');

             $Smarty->display('footer.tpl');
         }
     }

// ** Forget Password **

     elseif ($_GET['new_forget_password'] == 1)
     {
         $SF->html_title_page('استرجاع كلمة المرور - (Powered By MySmartBB Universal)');
         $m = $SF->SafeSQL($_GET['m']);
         $getreq_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND request_type='3'");
         $getreq_row   = $DB->sql_fetch_array($getreq_query);

         if ($DB->sql_num_rows($getreq_query) <= 0)
         {
             $SF->error('المعذرة، هذا الطلب غير موجود');
         }

         $password   = $SF->random();
         $mdpassword = md5($password);
         $update     = $DB->sql_query("UPDATE " . $db_prefix . "member SET password='" . $mdpassword . "' WHERE username='" . $SF->SafeSQL($getreq_row['username']) . "'");

         $reqmember_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($getreq_row['username']) . "'");
         $reqmember_row   = $DB->sql_fetch_array($reqmember_query);

         $SF->mail($reqmember_row['email'],'كلمة المرور الجديدة','السلام عليكم و رحمة الله و بركاته <br /><br /> كلمة مرورك الجديدة هي : ' . $password,$info_row['send_email']);

         if ($update)
         {

  			$Smarty->assign('msgg',' ُأرسِلَت كلمة المرور الجديدة إلى بريدك الإلكتروني'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');
            $Smarty->display('footer.tpl');
         }
     }

// ** Cancel Forget Password or Change Email Request **

     elseif ($_GET['cancel_req'] == 1)
     {
		$SF->html_title_page($info_row['title'] . ' - (Powered By MySmartBB Universal)');
         $m = $SF->SafeSQL($_GET['m']);
         $del = $DB->sql_query("DELETE FROM " . $db_prefix . "requests WHERE random_url='" . $m . "' AND  username='" . $SF->SafeSQL($member_row['username']) . "'");

         if (mysql_affected_rows() == 1)
         {
			$Smarty->assign('msgg','أُلغيَ الطلب بنجاح'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');

             $Smarty->display('footer.tpl');
         }
         else
         {
			$Smarty->assign('msgg','إما أن هذا الطلب غير موجود، أو استُعمِلَ من قبل'); 
            $Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
            $Smarty->display('loading.tpl');
			
            $Smarty->display('footer.tpl');
         }
     }

// ** Login To Section With Special Password **

     elseif ($_GET['section_password'] == 1)
     {
		 $SF->html_title_page($info_row['title'] . ' - (Powered By MySmartBB Universal)');
         $id = intval($_GET['id']);
         $getsection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='$id' AND section_password<>''");
         $getsection_num   = $DB->sql_num_rows($getsection_query);
         if ($getsection_num <= 0)
         {
             $SF->error('المعذرة، القسم المطلوب غير محمي بكلمة سر');
         }

         $checkpassword_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='$id' AND section_password='" . $_POST['password'] . "'");
         $checkpassword_num   = $DB->sql_num_rows($checkpassword_query);
         if ($checkpassword_num <= 0)
         {
             $SF->error('المعذرة، كلمة المرور غير صحيحة');
         }
         else
         {
             $SF->msg('كلمة المرور صحيحة .. يرجى الانتظار حتى يتم تحويلك إلى القسم');

             if ($_GET['show_file'] == 1)
             {
                 $SF->go_to("show.php?main=1&id=" . intval($_GET['subject_id']) . "&password=" . base64_encode($_POST['password']),2);
             }
             else
             {
                 $SF->go_to("forum.php?show=1&id=" . $id . "&password=" . base64_encode($_POST['password']),2);
             }
         }
     }

// ** Online Page **

     elseif ($_GET['online'] == 1)
     {
         $SF->html_title_page('المتواجدين حالياً - (Powered By MySmartBB Universal)');

         if ($groupper_row['onlinepage_allow'] != 1)
         {
             $SF->error('المعذرة، لا يمكنك مشاهدة هذه الصفحة');
         }

         if ($groupper_row['show_hidden'] != 1)
         {
             if ($info_row['show_onlineguest'] != 1)
             {
                 $getonline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username<>'زائر' AND user_id<>'' AND hide_browse<>'1' ORDER BY username ASC");
             }
             elseif ($info_row['show_onlineguest'] == 1)
             {
                 $getonline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE hide_browse<>'1' ORDER BY username ASC");
             }
         }
         elseif ($groupper_row['show_hidden'] == 1)
         {
             if ($info_row['show_onlineguest'] != 1)
             {
                 $getonline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username<>'زائر' AND user_id<>'' ORDER BY username ASC");
             }
             elseif ($info_row['show_onlineguest'] == 1)
             {
                 $getonline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online ORDER BY username ASC");
             }
         }

         $getonline_rows = array();
         while ($getonline_row = $DB->sql_fetch_array($getonline_query))
         {
             $getonline_rows[] = $getonline_row;
             $Smarty->assign('getonline_rows',$getonline_rows);
         }
		 
         $Smarty->assign('path_bar','المتواجدون حاليا');
         $Smarty->display('path-bar.tpl');
         $Smarty->display('homepage_online.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** Request To Restat Password **

     elseif ($_GET['forget'] == 1)
     {
		$SF->html_title_page('استرجاع كلمة المرور - (Powered By MySmartBB Universal)');
         if ($_GET['index'] == 1)
         {
             $Smarty->assign('path_bar','استرجاع كلمة المرور');
         	 $Smarty->display('path-bar.tpl');
             $Smarty->display('forget-password.tpl');
             $Smarty->display('footer.tpl');
         }
         elseif ($_GET['start'] == 1)
         {
             if (empty($_POST['T1']))
             {
                 $SF->error('يرجى تعبئة كافة المعلومات');
             }

             $checkemail_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE email='" . $_POST['T1'] . "'");
             $checkemail_num   = $DB->sql_num_rows($checkemail_query);
             $checkemail_row   = $DB->sql_fetch_array($checkemail_query);

             if ($checkemail_num <= 0)
             {
                 $SF->error('البريد الإلكتروني غير موجود');
             }

             $url       =   $url = 'http://".$_SERVER["HTTP_HOST"]."".$_SERVER["REQUEST_URI"]."';
             $url       =   str_replace('misc.php?forget=1&start=1','',$url);
             $s         =   $SF->random();
             $url_a     =   $url . 'misc.php?new_forget_password=1&m=' . $s;
             $url_c     =   $url . 'misc.php?cancel_req=1&m=' . $s;

             $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "requests(id,random_url,username,request_type) VALUES('NULL','" . $s . "','" . $SF->SafeSQL($checkemail_row['username']) . "','3')");

             if ($insert)
             {
                 $getmsg_query   =   $DB->sql_query("SELECT * FROM " . $db_prefix . "emailmsgs WHERE id='1'");
                 $getmsg_row     =   $DB->sql_fetch_array($getmsg_query);

                 $text = $getmsg_row['text'];
                 $text = str_replace('[MySBB]username[/MySBB]',$member_row['username'],$text);
                 $text = str_replace('[MySBB]change_url[/MySBB]',$url_a,$text);
                 $text = str_replace('[MySBB]cancel_url[/MySBB]',$url_c,$text);
                 $text = str_replace('[MySBB]board_title[/MySBB]',$info_row['title'],$text);

                 $SF->mail($checkemail_row['email'],$getmsg_row['title'],$text,$info_row['send_email']);

			$Smarty->assign('msgg','أُرسِلَت رسالة تأكيد إلى البريد الالكتروني'); 
                	$Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
                     	$Smarty->display('loading.tpl');

                 $Smarty->display('footer.tpl');
             }
         }
     }

// ** Advertisement **

     elseif ($_GET['ads'] == 1)
     {
		 $SF->html_title_page($info_row['title'] . ' - (Powered By MySmartBB Universal)');
         $getads_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "ads WHERE id='" . intval($_GET['id']) . "'");
         $getads_row   = $DB->sql_fetch_array($getads_query);
         $getads_num   = $DB->sql_num_rows($getads_query);
         if ($getads_num <= 0)
         {
             $SF->error('المعذرة، الإعلان المطلوب غير موجود');
         }

         $update = $DB->sql_query("UPDATE " . $db_prefix . "ads SET clicks=clicks+1 WHERE id='" . $getads_row['id'] . "'");
         if ($update)
         {
			$Smarty->assign("msgg","سوف تنتقل إلى موقع " . $getads_row['site'] . " يرجى الانتظار"); 
                	$Smarty->assign("GO",$getads_row['site']);
            		 $SF->go_to($getads_row['site'],2);             
                     	$Smarty->display('loading.tpl');

             $Smarty->display('footer.tpl');
         }
     }

// ** **

     elseif ($_GET['send'] == 1)
     {
         $id = intval($_GET['id']);
         $getmemberinfo_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id = '$id'");
         $getmemberinfo_row   = $DB->sql_fetch_array($getmemberinfo_query);
         $getmemberinfo_num   = $DB->sql_num_rows($getmemberinfo_query);
		 
         $SF->html_title_page('إرسال رساله إلى'. $getmemberinfo_row['username'] .' - (Powered By MySmartBB Universal)');

	 if ($member_permission != 1)
		{
			$SF->error('المعذرة , لايُمكنك استخدام هذه الميزة');

		}else{

         if ($getmemberinfo_num == 0)
         {
             $SF->error('المعذرة، العضو المطلوب غير موجود');
         }

         if ($getmemberinfo_row['send_allow'] == 0)
         {
             $SF->error('المعذرة، العضو المطلوب لا يريد استقبال رسائل بريدية');
         }

         if ($_GET['main'] == 1)
         {
         	 $Smarty->assign('path_bar','أرسل الموضوع لصديق');
         	 $Smarty->display('path-bar.tpl');
             $Smarty->assign_by_ref('getmemberinfo_row',$getmemberinfo_row);
             $Smarty->display('send-email.tpl');
             $SF->FastMove();
             $Smarty->display('footer.tpl');
         }

         if ($_GET['domail'] == 1)
         {
             if (empty($_POST['T1']) or empty($_POST['S1']))
             {
                 $SF->error('يرجى تعبئة كافة المعلومات');
             }

             $text = nl2br($_POST['S1']);
             $text=$SF->SafeOutPuts($text);
             $send = $SF->mail($getmemberinfo_row['email'],$_POST['T1'],$text,$member_row['email']);
             if ($send)
             {

			$Smarty->assign('msgg','أرسِلَت الرسالة بنجاح'); 
                	$Smarty->assign("GO","index.php");
 		 	$SF->go_to('index.php',2);              
                 $Smarty->display('loading.tpl');
                 $Smarty->display('footer.tpl');
             }
         }
	}
     }

// ** Last posts **

     elseif ($_GET['newposts'] == 1)
     {
            $SF->html_title_page('آخر المشاركات - (Powered By MySmartBB Universal)');
            $Smarty->assign('place', 'all');

            $since = ( (!$_GET['since']) ? 0  : intval($_GET['since']) );
            $limit = ( (!$_GET['limit']) ? 10 : intval($_GET['limit']) );

            $Smarty->assign('since', $since);
            $Smarty->assign('limit', $limit);
			if ($limit <= '50')
			{
            $sentence = ( ($since == 0) ? '' : "write_time >= '" . (time() - $since) . "' AND" );

            $subject_qry = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE $sentence delete_topic != '1' AND sec_subject != '1' ORDER BY write_time DESC LIMIT 0,$limit");
            $subject_row = array();
            while($subject = $DB->sql_fetch_array($subject_qry))
            {
                    $subject_row[] = $subject;

                    $Smarty->assign('subject_row', $subject_row);
            }
			
         $Smarty->assign('path_bar','آخر المشاركات');
         $Smarty->display('path-bar.tpl');
         $Smarty->display('last-subjects-and-replies.tpl');
		 }elseif ($limit > '50'){
				$SF->error('المعذرة لا يمكنك عرض أكثر من 50 نتيجة');
			}
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }

// ** Today's Subjects **

     elseif ($_GET['todaysubjects'] == 1)
     {
            $SF->html_title_page('آخر المواضيع - (Powered By MySmartBB Universal)');
            $Smarty->assign('place', 'today');

            $subject_qry = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE write_date = '$date' AND delete_topic != '1' AND sec_subject != '1' ORDER BY write_time DESC");
            if($DB->sql_num_rows($subject_qry) <= 0)
            {
                    $SF->error('لا يوجد مواضيع جديدة لهذا اليوم');
            }
            $subject_row = array();
            while($subject = $DB->sql_fetch_array($subject_qry))
            {
                    $subject_row[] = $subject;

                    $Smarty->assign('subject_row', $subject_row);
            }

         	 $Smarty->assign('path_bar','مواضيع اليوم');
         	 $Smarty->display('path-bar.tpl');
             $Smarty->display('last-subjects-and-replies.tpl');
             $SF->FastMove();
             $Smarty->display('footer.tpl');

     }


?>